diff --git a/xCAT-server/share/xcat/netboot/add-on/statelite/rc.localdisk b/xCAT-server/share/xcat/netboot/add-on/statelite/rc.localdisk
index 204310660..7676e73ce 100755
--- a/xCAT-server/share/xcat/netboot/add-on/statelite/rc.localdisk
+++ b/xCAT-server/share/xcat/netboot/add-on/statelite/rc.localdisk
@@ -69,11 +69,16 @@ xCATCmd () {
     ARCH=`uname -m`
     if [ x$ARCH = x"ppc64" -a x$OS = x"rh" ]; then
         /usr/sbin/chroot ${MNTDIR} /usr/bin/openssl s_client -quiet -no_ssl3 \
+            $(/usr/sbin/chroot ${MNTDIR} /usr/bin/openssl s_client -help 2>&1 |
+               grep -m 1 -o -- -no_ssl2) \
             -connect ${1} -rand /bin/bash 2>/dev/null \
             <<<"<xcatrequest><command>${2}</command></xcatrequest>"
     else
         LD_LIBRARY_PATH=${MNTDIR}/lib64:${MNTDIR}/usr/lib64 \
             ${MNTDIR}/usr/bin/openssl s_client -quiet -no_ssl3 \
+            $(LD_LIBRARY_PATH=${MNTDIR}/lib64:${MNTDIR}/usr/lib64 \
+                ${MNTDIR}/usr/bin/openssl s_client -help 2>&1 |
+                grep -m 1 -o -- -no_ssl2) \
             -connect ${1} -rand /bin/bash 2>/dev/null \
             <<<"<xcatrequest><command>${2}</command></xcatrequest>"
     fi
diff --git a/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite b/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite
index cef1ac789..fa6549464 100755
--- a/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite
+++ b/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite
@@ -128,7 +128,7 @@ GetSyncInfo () {
 xCATCmd () {
 # $1 is the xCAT server
 # $2 is the command
-	LD_LIBRARY_PATH=${MNTDIR}/lib64:${MNTDIR}/usr/lib64 ${MNTDIR}/usr/bin/openssl s_client -quiet -no_ssl3 -connect ${1} -rand /bin/bash 2>/dev/null <<<"<xcatrequest><command>${2}</command></xcatrequest>"
+	LD_LIBRARY_PATH=${MNTDIR}/lib64:${MNTDIR}/usr/lib64 ${MNTDIR}/usr/bin/openssl s_client -quiet -no_ssl3 $(LD_LIBRARY_PATH=${MNTDIR}/lib64:${MNTDIR}/usr/lib64 ${MNTDIR}/usr/bin/openssl s_client -help 2>&1 | grep -m 1 -o -- -no_ssl2) -connect ${1} -rand /bin/bash 2>/dev/null <<<"<xcatrequest><command>${2}</command></xcatrequest>"
 
 }
 
diff --git a/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite.ppc.redhat b/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite.ppc.redhat
index 6f37f6465..8aa5dac22 100755
--- a/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite.ppc.redhat
+++ b/xCAT-server/share/xcat/netboot/add-on/statelite/rc.statelite.ppc.redhat
@@ -128,7 +128,7 @@ GetSyncInfo () {
 xCATCmd () {
 # $1 is the xCAT server
 # $2 is the command
-	echo "<xcatrequest>\n<command>${2}</command>\n</xcatrequest>" | /usr/sbin/chroot ${MNTDIR} /usr/bin/openssl s_client -quiet -no_ssl3 -connect ${1} -rand /bin/nice 2>/dev/null
+	echo "<xcatrequest>\n<command>${2}</command>\n</xcatrequest>" | /usr/sbin/chroot ${MNTDIR} /usr/bin/openssl s_client -quiet -no_ssl3 $(/usr/sbin/chroot ${MNTDIR} /usr/bin/openssl s_client -help 2>&1 | grep -m 1 -o -- -no_ssl2) -connect ${1} -rand /bin/nice 2>/dev/null
 
 }
 
diff --git a/xCAT/postscripts/getcredentials.awk b/xCAT/postscripts/getcredentials.awk
index 5873b253b..67300becf 100755
--- a/xCAT/postscripts/getcredentials.awk
+++ b/xCAT/postscripts/getcredentials.awk
@@ -2,6 +2,9 @@
 BEGIN {
         if ((ENVIRON["USEOPENSSLFORXCAT"]) || (ENVIRON["AIX"])) {
             server = "openssl s_client -quiet -no_ssl3 -connect " ENVIRON["XCATSERVER"] " -rand /bin/nice 2> /dev/null"
+            if (!system("openssl s_client -help 2>&1 | grep -m 1 -q -- -no_ssl2")) {
+                server = "openssl s_client -quiet -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " -rand /bin/nice 2> /dev/null"
+            }
         } else {
             server = "/inet/tcp/0/127.0.0.1/400"
         }
diff --git a/xCAT/postscripts/getpostscript.awk b/xCAT/postscripts/getpostscript.awk
index d0d49dd88..985b34dcb 100755
--- a/xCAT/postscripts/getpostscript.awk
+++ b/xCAT/postscripts/getpostscript.awk
@@ -2,6 +2,9 @@
 BEGIN {
         if (ENVIRON["USEOPENSSLFORXCAT"]) {
             server = "openssl s_client -no_ssl3 -connect " ENVIRON["XCATSERVER"] " -rand /bin/nice 2> /dev/null"
+            if (!system("openssl s_client -help 2>&1 | grep -m 1 -q -- -no_ssl2")) {
+                server = "openssl s_client -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " -rand /bin/nice 2> /dev/null"
+            }
         } else {
             server = "/inet/tcp/0/127.0.0.1/400"
         }
diff --git a/xCAT/postscripts/startsyncfiles b/xCAT/postscripts/startsyncfiles
index 9f9b79d15..9a15261a1 100755
--- a/xCAT/postscripts/startsyncfiles
+++ b/xCAT/postscripts/startsyncfiles
@@ -42,7 +42,7 @@ while read LINE;do
         RET=${RET%<*}
         [ "$RET" != "0" ] && RETCODE=1
     fi
-done < <(openssl s_client -no_ssl3 -connect $MASTER_IP:$XCATDPORT -ign_eof -quiet <<<$REQUEST)
+done < <(openssl s_client -no_ssl3 $(openssl s_client -help 2>&1 | grep -m 1 -o -- -no_ssl2) -connect $MASTER_IP:$XCATDPORT -ign_eof -quiet <<<$REQUEST)
 
 rm -rf $RESPFILE
 exit $RETCODE
diff --git a/xCAT/postscripts/startsyncfiles.awk b/xCAT/postscripts/startsyncfiles.awk
index 4855cee0f..c9af5345b 100755
--- a/xCAT/postscripts/startsyncfiles.awk
+++ b/xCAT/postscripts/startsyncfiles.awk
@@ -1,7 +1,10 @@
 #!/usr/bin/awk -f
 BEGIN {
   if (ENVIRON["USEOPENSSLFORXCAT"]) {
-      server = "openssl s_client -no_ssl3 -connect " ENVIRON["XCATSERVER"] " 2> /dev/null"
+      server = "openssl s_client -no_ssl3 -connect " ENVIRON["XCATSERVER"] " -rand /bin/nice 2> /dev/null"
+      if (!system("openssl s_client -help 2>&1 | grep -m 1 -q -- -no_ssl2")) {
+          server = "openssl s_client -no_ssl3 -no_ssl2 -connect " ENVIRON["XCATSERVER"] " -rand /bin/nice 2> /dev/null"
+      }
   } else {
       server = "/inet/tcp/0/127.0.0.1/400"
   }